Answers

Use integrated Windows authentication whenever possible. It takes the onus off of your application and lets Windows handle it. Using Windows authentication instead of SQL authentication is considered a best practice.

Incidentally, if this is a "job" as implied by the question, it may be a great candidate for a simple Windows service or scheduled task, both of which can run in a specific security context (i.e. as a specific Windows user).

in your app.config or web.config and then you encrypt them using the .net encryption provider

you can use encryption and dyscryption algorithm for passwords and log your user information by who created user and what datetime it created and save this in database.
and even if someone update or edit log that information in database.